Seceon, the only threat detection and management company to visualize, detect, and eliminate cyber threats in real-time, today introduces aiSIEM™, a modern adaptation to security information and event management (SIEM). Seceon’s aiSIEM extends traditional SIEM capabilities, providing enterprise and service provider organizations with continuous data analytics for ongoing assessment of security posture and compliance, offering adaptive access, predicting and anticipating threats and responding to verified threats in real-time. Seceon’s capabilities were also recognized today by CyberDefense Magazine, who named the company a 2018 Infosec Award winner for Security Company of the Year and Machine Learning and Artificial Intelligence.
“Faced with ongoing skill, resource and security infrastructure challenges, today’s enterprise struggles to find a threat detection and response platform that can bring a comprehensive view of the organization—spanning many locations, hybrid cloud and third-party partner access—as well as the highly skilled security experts capable of managing them,” said Chandra Pandey, Founder and CEO of Seceon. “Developed from the ground up to deliver comprehensive cybersecurity for the digital era, the Seceon aiSIEM platform brings real-time automation and simplicity to the traditional SIEM approach. By collecting, ingesting and analyzing raw logs, flows, traffic and identity across all assets, aiSIEM offers complete visibility, proactive threat detection, immediate containment and elimination of threats with continuous policy enforcement, and compliance monitoring and reporting.”
While the traditional SIEM product category remains one of the fastest growing market segments in cybersecurity, the adoption of hybrid cloud networks, the growing complexity and number of cybersecurity threat vectors and a lack of cybersecurity expert talent, demand an improved set of capabilities for organizations to complement their existing SIEM investment. Furthermore, the volume of rapidly growing security incidents has become unmanageable for resource-constrained security operations teams, underscoring the need for end-to-end automation of detection and response.
Gartner states that “the evolution of the technology indicates that modern SIEM works with more than just log data and applies more than simple correlation rules for data analysis. Some of the capabilities that go beyond the definition above and usually are incorporated into modern SIEMs are: collect and analyze not just logs but also data from endpoints and the network (similar to network traffic analysis [NTA] and endpoint detection and response [EDR] solutions)…robust threat intelligence (TI) support (incorporating feeds and other sources for correlation and enrichment)…data analytics that goes beyond rules (such as UEBA capabilities)…advanced security operations center (SOC) workflow capabilities (although still limited when compared to dedicated SOAR tools).”1
Unlike traditional SIEM solutions, Seceon aiSIEM goes beyond static log data, simple analysis for correlation of events, and application of network traffic rules to enhance an organization’s security posture. Real-time machine learning handles large data volumes in conjunction with contemporary big/fast data frameworks, efficiently enabling adaptation to any environment dynamically upon deployment for deep data analysis. The complexity is substantially reduced by Seceon’s dynamic threat models engine and its behavioral analytics engine which combined, eliminate need for writing complex rules. Moreover, when complemented by Seceon’s advanced patent-pending correlation engine, powered by artificial intelligence that generates meaningful alerts with improved accuracy from scores of threat indicators, Seceon’s aiSIEM surfaces relevant threats in minutes, that would have taken hours or days to detect when previously analyzed by human security professionals. aiSIEM effectively meets critical security requirements for digitally driven business with an automated approach of producing and applying actionable intelligence for threat containment and elimination in near real-time.
According to Gartner, “Now, security experts must apply a new approach: Continuous Adaptive Risk and Trust Assessment (CARTA)-continuous adaptive risk and trust assessment. This to stay competitive with emerging business opportunities. The key is to apply the philosophy across the business from DevOps to external partners.”2
Seceon believes its aiSIEM aligns to the Gartner’s CARTA approach to provide four key benefits:
- Proactive threat detection to reduce Mean-Time-To-Identify (MTTI) threats. aiSIEM proactively detects threats and surfaces them in real-time or near real-time without an agent or alert fatigue. It uses dynamic threat models, machine learning and AI with actionable intelligence combined with proprietary feature engineering for threat detection of known and unknown threats. The aiSIEM solution performs threat detection across the cloud, on-premise, and hybrid environments for MSSPs and Enterprises.
- Automatic threat remediation to reduce Mean-Time-To-Resolve (MTTR) threats. aiSIEM performs automatic threat containment and elimination in real-time. It also provides clear actionable steps to eliminate the threats that can either be taken automatically by the system or manually by the security expert post-analysis. The auto-remediation can also be triggered as per a specific ‘configurable’ schedule and can be used for effective risk mitigation in near real-time.
- Continuous compliance and risk monitoring. aiSIEM offers continuous compliance and scheduled or on-demand reporting for HIPAA, GDPR, PCI-DSS, NIST, FINRA and many other similar regulations by providing long-term data analytics for security operations, investigation support and reporting.
- Comprehensive visibility. aiSIEM ingests all your raw streaming data (Logs, Packets, Flows, Identities) from many different types of devices and applications in your environment. It then enriches the data extracting meaningful features to provide real-time extensive view of all assets (users, hosts, servers, applications, data access and movement, traffic) that are on premise, cloud or hybrid and their interactions.
Some of the key capabilities of aiSIEM include:
- Large-scale and robust data collection from cloud and other modern IT data sources,
- Collection and analysis of logs and raw streaming data (packets, flows, identities) from networks and endpoints,
- Integrated threat intelligence (TI) feeds for correlation and enrichment; updated daily by 40 NSA, honeypot and industry feeds of known threats,
- Enhanced data analytics beyond rules,
- Fast and scalable search over volumes of raw data,
- Multi-layer detection – Detection of known, as well as, never-before-seen threats at the earliest phase of the chain,
- Productivity increase – Advanced analytics over multiple stages eliminates false positives – 25 x threat surface reduction,
- Threat impact analysis – Comprehensive interactive visual interface to drill down threats and effected sources and targets.
Follow Seceon online: Twitter | Facebook | LinkedIn
1 Gartner, “SIEM Technology Assessment,” Anton Chuvakin, Augusto Barros, 12 October 2017.
2 Gartner, “The Gartner IT Security Approach for the Digital Age,” 12 June 2017.
Taking a new approach to conventional threat detection and management, Seceon helps today’s enterprise detect and stop both recognized and never-seen-before threats when they happen, instead of days, weeks or months later. Leveraging intelligent data collection and analysis, Seceon’s Open Threat Management platform provides unmatched visibility across the entire network—from users and devices to applications and flows—surfacing only the most relevant threats in real-time and the means necessary to eliminate them immediately. To learn more about Seceon’s aiSIEM solution, please visit www.seceon.com or call (978)-923-0040.
Seceon Press Contact: